Side Channel Attacks on IoT TEE
ABSTRACT
With the significant development of the Internet of Things and low-cost cloud services, the sensory and data processing requirements of IoT systems are continually increasing. TrustZone is a hardware-protected Trusted Execution Environment (TEE) for ARM processors, specifically designed for IoT handheld systems. It provides memory isolation techniques to protect trusted application data from being exploited by malicious entities. Certain studies show vulnerabilities through which malicious entities may be able to gather private user information from the "secure world" by exploiting shared CPU resources such as memory or cache. Vendors added these high-performance shared memories to increase processor performance. In this work, we focus on identifying different vulnerabilities of the TrustZone extension of ARM Cortex-M processors, denoted TrustZone-M. Our threat model design will include the flows of a memory-entry attack called HeartBleed. HeartBleed is designed to intentionally overflow memory so that encrypted data from the secure zone leaks. The design will have the flexibility to launch in both the normal user world and kernel space. We propose a novel method to overflow allocated memory in the attacker app to get encrypted data from the shared memory in the secure zone. Our plan is to show how an attacker can steal information from the secure world.